FCS_Unit_6_Notes

Cyberspace and the Law

Introduction

Cyberspace is such a term, which is not yet completely defined and also has no geographical limitation. It is a term associated with application of the Internet worldwide. It is also called as a virtual space as physical existence of cyberspace is not detectable at all. Cyberspace is “the total interconnectedness of human beings through computers and telecommunication without regard to physical geography. Cyberspace is a term coined by science fiction author William Gibson to describe the whole range of information resources available through computer networks. For our purposes, cyberspace is a realm in which communication and interaction between two individuals or between an individual and a computer is facilitated by digital data exchanged over computer networks.

In order to ensure that humans do not misuse Cyber technologies, Cyber laws are generated. The overall idea of Cyberlaw is to stop any person from violating the rights of other persons in Cyberspace. Any kind of violation of Cyber rights is considered to be a Cyberspace violation and is deemed punishable under Cyber Laws.

It is important to note that since Cyberspace does not belong to the physical world, the physical laws do not apply to Cyberspace crime. A separate set of Cyber laws are formulated by the government to provide Cybersecurity to Cyber users. Such Cyber laws are needed to monitor and prevent any immoral or illegal activities of humans.

Some of the common Cyberspace violation activities include hacking, theft, money laundering, terrorism, piracy, etc. Hackers can get hold of any internet account through the Domain Name Server (DNS), phishing, IP address, etc. to get entry into the computer system of any person and steal the data, or introduce computer bugs and render the system ineffective.

Cyber Security Regulations

Cybersecurity regulations are legal frameworks developed by governments and regulatory bodies to establish standards, requirements, and guidelines for securing information systems and protecting sensitive data. These regulations aim to address the growing threats and challenges posed by cybercrime, data breaches, and other cybersecurity risks. The specific regulations vary by country and region, and compliance is often mandatory for organizations that handle sensitive information.

Here are some key cybersecurity regulations and guidelines in India:

1. Information Technology (IT) Act, 2000:
   • The IT Act, 2000 is a comprehensive legislation that addresses various aspects of electronic transactions, including digital signatures, data protection, and penalties for cybercrimes.
2. National Cyber Security Policy (NCSP) - 2013:
   • The NCSP outlines the vision and strategy for cybersecurity in India. It aims to protect information infrastructure in the country and build capabilities to respond to cyber threats.
3. Reserve Bank of India (RBI) Guidelines:
   • The RBI issues guidelines related to cybersecurity for banks and financial institutions. These guidelines outline measures for securing online transactions, data protection, and incident reporting.
4. Data Protection Laws:
   • India is in the process of enacting comprehensive data protection legislation. The Personal Data Protection Bill, 2019, is under consideration. The bill proposes regulations for the processing of personal data and includes provisions for the protection of individuals' privacy.

Roles of International Law

International law plays a crucial role in regulating the conduct of states and other international actors in the global arena. It serves as a framework for maintaining peace and security, promoting cooperation, and resolving disputes among nations. The roles of international law are diverse and encompass various aspects of international relations. Here are some key roles of international law:

1. Peace and Security:
   • Conflict Prevention: International law seeks to prevent conflicts between states by establishing norms and principles that guide their behavior. Treaties and agreements often include provisions to avoid the use of force and resolve disputes peacefully.
   • Collective Security: The United Nations Charter is a foundational document that establishes principles for collective security. It authorizes the Security Council to take measures, including the use of force, to maintain or restore international peace and security.
2. Human Rights Protection:
   • Universal Declaration of Human Rights (UDHR): International law, including treaties and conventions, plays a central role in promoting and protecting human rights. The UDHR and subsequent conventions outline fundamental rights and freedoms that apply to all individuals, regardless of nationality.
   • International Criminal Court (ICC): The ICC is a key institution for the enforcement of international criminal law. It has the jurisdiction to prosecute individuals for genocide, war crimes, crimes against humanity, and the crime of aggression.
3. Trade and Economic Cooperation:
   • World Trade Organization (WTO): International trade law, as governed by the WTO, establishes rules for fair trade practices, dispute resolution mechanisms, and the promotion of economic cooperation among member states.
   • Bilateral and Multilateral Treaties: Treaties and agreements facilitate economic cooperation between nations, covering areas such as investment, taxation, and intellectual property rights.
4. Environmental Protection:
   • Multilateral Environmental Agreements (MEAs): MEAs address global environmental challenges, such as climate change, biodiversity loss, and pollution. Treaties like the Paris Agreement and the Convention on Biological Diversity aim to promote sustainable development and protect the environment.
   • Principle of Common but Differentiated Responsibilities (CBDR): This principle, often applied in environmental agreements, recognizes that states have different responsibilities based on their levels of development and historical contributions to environmental issues.

Cyber Security Standards

A security standard is "a published specification that establishes a common language, and contains a technical specification or other precise criteria and is designed to be used consistently, as a rule, a guideline, or a definition." The goal of security standards is to improve the security of information technology (IT) systems, networks, and critical infrastructures.

1.ISO

ISO stands for International Organization for Standardization. International Standards make things to work. These standards provide a world-class specification for products, services and computers, to ensure quality, safety and efficiency. They are instrumental in facilitating international trade.

2.IT Act

The Information Technology Act also known as ITA-2000, or the IT Act main aims is to provide the legal infrastructure in India which deal with cybercrime and e-commerce.This act is also used to check misuse of cyber network and computer in India. It was officially passed in 2000 and amended in 2008. It has been designed to give the boost to Electronic commerce, e-transactions and related activities associated with commerce and trade. It also facilitate electronic governance by means of reliable electronic records.

3.Copyright Act

The Copyright Act 1957 amended by the Copyright Amendment Act 2012 governs the subject of copyright law in India. This Act is applicable from 21 January 1958. Copyright is a legal term which describes the ownership of control of the rights to the authors of "original works of authorship" that are fixed in a tangible form of expression.

4.IPR

Intellectual property rights is a right that allow creators, or owners of patents, trademarks or copyrighted works to benefit from their own plans, ideas, or other intangible assets or investment in a creation.

National Cyber Security Policy 2013:

The National Cyber Security Policy document outlines a roadmap to create a framework for a comprehensive, collaborative, and collective response to deal with the issue of cyber security at all levels within the country.

The National Cyber Security Policy 2013 aims at:

1. facilitating the creation of a secure computing environment
2. enabling adequate trust and confidence in electronic transactions and
3. guiding stakeholders’ actions for the protection of cyberspace.

The policy had a vision to build a secure and resilient cyberspace environment for citizens, businesses, and government.

The need to protect information

National Cyber Security Policy 2013should be seen as aboutprotecting information, such as personal information, financial/banking information, sovereign data, etc.

• Information empowers, and to empower people with information, we need tosecure the information/data.
• There is a need todistinguish between data that can freely flow and data that needs to be protected.
• The “National Cyber Security Policy” has been prepared in consultation with all relevant stakeholders, user entities, and the public.
• This policy aims to facilitate the creation of a secure computing environment enabling adequate trust and confidence in electronic transactions and also guiding stakeholders’ actions for the protection of cyberspace.
• The National Cyber Security Policy document outlines a roadmap to create a framework for a comprehensive, collaborative, and collective response to deal with the issue of cyber security at all levels within the country.
• The policy recognizes the need for objectives and strategies that need to be adopted both at the national level as well as international levels.

The objectives and strategies outlined in the National Cyber Security Policy

1. Articulate our concerns, understanding, priorities for action as well as directed efforts.
2. Provide confidence and reasonable assurance to all stakeholders in the country (Government, business, industry, and the general public) and the global community, about the safety, resiliency, and security of cyberspace.
3. Adopt a suitable posturing that can signal our resolve to make determined efforts to effectively monitor, deter, and deal with cybercrime andcyber attacks.